Subscribe via RSS
Toggle Submenu
  1. Categories
  2. Recent
  3. Tags
View Replies (5)

Resolved Validate username and password against Active Directory

  1. How-to
1
Votes
Undo
  1. Bryan Comeau
    Bryan Comeau
  2. PowerBuilder
  3. Monday, 4 March 2019 12:50 PM UTC

Hello,

We have Client-Server applications where we want the users log in with their Active Directory account.  How can we validate username and password against Active Directory?  We are using PowerBuilder 2017 R2. 

Powerbuilder App with TTS
Can we install PowerBuilder License Server on Wind...
Responses (5)
Miguel Leeuwe
Miguel Leeuwe Accepted Answer Pending Moderation
  1. Thursday, 19 September 2019 22:03 PM UTC
  2. PowerBuilder
  3. # 1

For Oracle users, this might be a helpful link:

https://docs.oracle.com/cd/B28359_01/win.111/b32010/authen.htm#i1006045

 

Comment
There are no comments made yet.
Michael Kramer
Michael Kramer Accepted Answer Pending Moderation
  1. Saturday, 14 September 2019 00:45 AM UTC
  2. PowerBuilder
  3. # 2

Many traditional client/server apps require DB login at startup. Example here asks database for user's identity right after DB connect.

SQLCA.DBMS       = "SNC"
SQLCA.ServerName = "DemoServer"
SQLCA.DBParm     = "Database='DemoDB',Provider='SQLNCLI11',TrustedConnection=1"

CONNECT USING SQLCA;

SELECT ADLogin  INTO  :ls_loginName
FROM  (SELECT ORIGINAL_LOGIN() [ADLogin]) a
USING SQLCA;

TIPS:

  • SUSER_NAME() / USER_NAME() change values when app calls EXECUTE AS LOGIN / EXECUTE AS USER
  • ORIGINAL_LOGIN() retains identity.

HTH /Michael

Comment
There are no comments made yet.
Christophe Dufourmantelle
Christophe Dufourmantelle Accepted Answer Pending Moderation
  1. Wednesday, 6 March 2019 04:53 AM UTC
  2. PowerBuilder
  3. # 3

You can use Visual Guard, to let users log in with their Active Directory account.  

Once plugged into the PowerBuilder app, it offers 2 options:

1. Single Sign-On (users don't have to enter credentials - they are automatically logged with the current Windows account)

                        if isvalid(guo_vgmanager) Then
                          if guo_vgmanager.of_VerifyUser() > 0 Then
                             Open(w_Main)
                          Else
                        Return
                          End if
                        End if

 2. Users enter their credentials - this can work even if they are not running the app in the AD domain

                        if isvalid(guo_vgmanager) Then
                          if guo_vgmanager.of_VerifyUser(VGlogin, VGpassword, vg_n_authenticationmode.windowsbycredential) > 0 Then
                            Open(w_Main)
                          Else
                        Return
                          End if
                        End if

Beside user log in, you can pick additional security features (Permissions Management, Security Audit, Administration Console, etc.).

Regards,
Christophe

Comment
Bryan Comeau
  1. Bryan Comeau
  2. Wednesday, 6 March 2019 12:14 PM UTC
Nice to know that this exist... But for now I just need authentication....
  1. Helpful
There are no comments made yet.
Stuart Macandrew
Stuart Macandrew Accepted Answer Pending Moderation
  1. Monday, 4 March 2019 23:33 PM UTC
  2. PowerBuilder
  3. # 4

Try something like this - 

Declare an external function

function        long LogonUser(string username, string domain, string password, long logontype, long logonprovider, ref ulong hToken) library "Advapi32" alias for "LogonUserA;Ansi"

 And Validate like this; 

Constant long  LOGON32_LOGON_NETWORK  = 3

Constant long  LOGON32_PROVIDER_DEFAULT  = 0

 long ll_rc

ulong        ulHandle

 ll_rc = LogonUser( sle_user_id.text , sle_domain.text ,  sle_password.text  , LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT, ulHandle)

 Messagebox( "LogonUser", "Return=" + string(ll_rc) )

 if ll_rc > 0 then

CloseHandle(ulHandle)

else

ll_rc = GetLasterror( )

Messagebox( "LogonUser", "GetLastError Return=" + string(ll_rc) )

end if

 

Comment
Bryan Comeau
  1. Bryan Comeau
  2. Wednesday, 6 March 2019 12:12 PM UTC
Thank you! It is doing exactly what I needed and really simple...
  1. Helpful
There are no comments made yet.
Chris Pollach @Appeon
Chris Pollach @Appeon Accepted Answer Pending Moderation
  1. Monday, 4 March 2019 18:07 PM UTC
  2. PowerBuilder
  3. # 5

Hi Bryan;

   I did a presentation on A.D. processing from PowerBuilder and PowerServer at the Elevate 2018 conference.

FYI:  https://www.appeon.com/user/center/mydocuments?op=downloadfileByPdf&fileName=Elevate%202018_145.pdf&ID=145

HTH
Regards ... Chris

Comment
Load more comments
Juan Carlos Rojas
  1. Juan Carlos Rojas
  2. Friday, 13 September 2019 20:53 PM UTC
Hello. I have the same necessity, "Validate username and password against Active Directory " but I don´t understand this code by Stuart Macandrew . Where´s the code of the function? for example:

library "Advapi32" alias for "LogonUserA;Ansi

What does it mean?

Can you help me, please?

Thanks.
  1. Helpful
Chris Pollach @Appeon
  1. Chris Pollach @Appeon
  2. Friday, 13 September 2019 21:01 PM UTC
Hi Juan;

Its an "external" call to an MS-Windows API function. The proper declaration though for Appeon PB should be ...

FUNCTION long LogonUser (string username, string domain, string password, long logontype, long logonprovider, ref ulong hToken) library "Advapi32" alias for "LogonUserW"

Regards ... Chris

  1. Helpful
Juan Carlos Rojas
  1. Juan Carlos Rojas
  2. Friday, 13 September 2019 21:33 PM UTC
Hi. I appreciate your timely response. However, I ask you to apologize, but I still do not understand what should be done to implement this code. It is not clear to me. I understand that a function must be declared but I don't know how to define the type of variables in certain cases. For example ref ulong hToken. Is ulong the type of variable? I also don't understand if libraries like the Advapi32 library should be imported somewhere. You could be more descriptive to see if I can solve my case. Thank you.
  1. Helpful
There are no comments made yet.
  • Page :
  • 1


There are no replies made for this question yet.
However, you are not allowed to reply to this question.
We use cookies which are necessary for the proper functioning of our websites. We also use cookies to analyze our traffic, improve your experience and provide social media features. If you continue to use this site, you consent to our use of cookies.